Every business has a diverse set of requirements when it comes to their IT security and infrastructure needs. The same solutions won’t work for every business in every situation. Some consultants claim to have methodologies and tools that will automatically solve your issue.  In many cases, those tools and methodologies are just fancy names for spreadsheets and templates. You don’t need a template.  You need solutions based on a clear understanding of the challenges and threats that are prevalent in your industry as well as an understanding of your needs and goals.  Only then will you get the thoughtful, customized, solutions that your business needs.

HIPAA/HITECH (Meaningful Use)

If your organization deals with personal health information then HIPAA applies to you. Don’t risk the fines and penalties, civil suits, and reputation loss that are associated with a data breach. ITPAC provides the following services to ensure that you are compliant with HIPAA/HITECH regulations.

  • Gap Assessment
  • Facilitated Risk Assessments
  • HIPAA Security Rule Workshops
  • Consulting/Remediation Assistance
  • Policy/Procedure Development
  • Business Associate Assessments


IT Assessments for Banks (FFIEC Framework)

Any banks or credit unions that are regulated by the state, FDIC, OCC, NCUA, or GLBA are required to conduct annual or bi-annual independent assessments. Ensure that your institution is compliant and prepared. Don’t risk fines, lowered ratings, or damaging breaches, call ITPAC to make sure you’re compliant and protected. ITPAC offers the following services for banks:

  • Governance Reviews (Policies/Procedures, General IT Controls Review)
  • Electronic Banking Assessments
  • Policies and Procedures Development
  • Information Security Training for Employees or Commercial Clients
  • ACH Reviews
  • Vendor Assessments
  • Facilitated Risk Assessments


IT Controls Review

If your company is regulated by Sarbanes-Oxley (SOX) or the Model Audit Rule (MAR), proactively implementing IT controls or information security programs, or preparing for an external audit, ITPAC can assist you to ensure that you’re prepared. Depending on what your companies needs are ITPAC offers the following services:

  • Develop Internal Controls Framework
  • Text Existing Internal Controls
  • Streamline Controls/Compliance Environment
  • Implement Best Practices
  • Facilitated Risk Assessments


Payment Card Industry Data Security Standard (PCI DSS or PCI)

If your business stores, processes, or transmits credit card data then it’s best to be proactive about security and compliance. Forced compliance comes with short timelines and a painful price tag. Being proactive allows you to reduce your risk while effectively managing your budget and resources on a timeline that works for your company. ITPAC provides the following PCI services:

  • Gap Assessments
  • Consulting Remediation Assistance
  • Vendor Assessments